Listen 443 https ServerName 10.60.0.1 DocumentRoot /var/www/html SSLEngine on SSLCertificateFile /etc/httpd/ssl/apache.crt SSLCertificateKeyFile /etc/httpd/ssl/apache.key SSLCACertificateFile /etc/httpd/ssl/ca.crt # Mutual Authentication (Client Cert) SSLVerifyClient require SSLVerifyDepth 1 # OCSP Validation against CA SSLOCSPEnable on SSLOCSPDefaultResponder "http://10.60.0.1:8888" SSLOCSPOverrideResponder on SSLOCSPUseRequestNonce off # Session management for Form Auth Session On SessionCookieName session path=/;HttpOnly;Secure # Protected Area AuthType Form AuthName "Coimbra VPN" AuthFormProvider PAM AuthPAMService httpd-totp AuthFormLoginRequiredLocation "/login.html" Require valid-user # Public Login Page AuthType None Require all granted # Login Handler SetHandler form-login-handler AuthType Form AuthName "Coimbra VPN" AuthFormProvider PAM AuthPAMService httpd-totp AuthFormLoginSuccessLocation "/index.html" AuthFormLoginRequiredLocation "/login.html?error=1" # Logout Handler SetHandler form-logout-handler AuthFormLogoutLocation "/login.html?loggedout=1"